holme-r
commented
10 months ago I'm not seeing any error being returned by OpenSSL when I tried your cert in my environment. Perhaps this is an issue with the options configured for your OpenSSL library, or an issue related to OpenSSL version ? This seems most likely as the error is being returned by OpenSSL.
By the way, were you intending to use the -a or the -t option ?
- The -t option specifies the CA certs in OBUSPA's trust store. This needs to include the CA cert which signed the server cert (of the MQTT Broker that you're connecting to). This is just a public cert - no private key.
- The -a option is for specifying a client certificate. This would be a cert which is specific to the device and which was signed by one of the CA certs installed in the trust store of the MQTT Broker. This includes both the public and private parts of the cert. You must specify the -t option when using TLS but client certs (-a) are optional.
Wonderjack996
Hi. I'm trying to connect to an MQTT broker hosted on port 8883, that need SSL for connection. I've specified the broker address, username and password in mqtt factory reset file, specifying as TransportProtocol TLS. I've also create a self signed certificate file, containing also the private key, passed with the -a option. I got the error LoadClientCert: SSL_CTX_use_certificate() failed, and don't know why. Any ideas? Thanks. Here my certificate (the private key is only a test): -----BEGIN CERTIFICATE---- ... -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- ..... -----END RSA PRIVATE KEY-----